
Comment Apply the rules! (Score 1) 209

Hi,

You don't specify which government, but let's assume it's one with a comprehensive information assurance policy.

First things first. Find out who the technical authority for information assurance is in your country. Then find out what the official policy on erasing and destroying information assets is. This information may not be published, and you may need to be registered with the technical authority to access it. Then cross reference against the terms of the contract. Then do.

To help you a little, most best practice policies describe a range of methods. The selection of which method depends on

* the device used to hold the data - HDD, flash memory (multiple technologies), DRAM, etc
* the classification / protective marking of the data (SECRET, TOP SECRET etc)
* whether the device is being re-used (for new data) within the same secure facility where it was held originally, or is it being removed from that facility (for destruction)

Removal methods vary from using certified data erasure products, to complete physical destruction via a specified and approved method. In any case, there will be a detailed procedure to follow, possibly also independent witnessing and certification of the destruction. In any case, there will be an explicit process to follow, as well as copious paperwork.

Note the use of the phrase 'certified...products'. While tools such as DBAN may be effective, they are not approved and certified by your national technical authority for information assurance. Using a non-certified product is equivalent to using nothing, and there may be penalties if you claim to have followed the set process, but used such non-approved tools.

Your organisation should have an information security officer (or similar executive) who is responsible for this. Normally it is a pre-requisite to have such a professional as a pre-requisite to handling classified / protectively marked material in most countries.

What you've discovered should really have been caught pre-contract signing, by your legal and/or commercial people. You need to talk to your bosses about this. Oversights such as this can destroy a business, both in terms of money and reputation.

HTH
g

Submission + - The Xbox 360 reset glitch hack - New Homebrew Hack (xbox-scene.com)

An anonymous reader writes: "GliGli released a new hack to boot the Xbox360 into XeLL and thus run homebrew software on your console. It is compatible with ALL dashboard versions and ALL Slim and Fat (except Xenon, Falcon support will follow later) models and is unpatchable via software updates by Microsoft." — www.xbox-scene.com

Comment Re:No sense at all (Score 4, Insightful) 400

I think you are confusing some of the political unrest from the 80s with the self-serving mindless violence of recent weeks.
It is absolutely true to say that government cuts are affecting national and local funding for all citizens, and they are affecting deprived areas. However, these cuts have only come into effect fully from April this year. The unemployment and illiteracy have been at those levels for a long time, including during the boom years of 1995-2005, and during the previous Labour administration. It is illogical to say that the currently limited impacts of the austerity measures are giving people cause to riot. If you look at the actual activity during the riots, it didn't include political protest, marches, speeches or any other normal signs of protest by ordinary people. It did include a relatively large number of groups causing criminal damage, violence and committing flagrant acts of theft - typically of high value goods and big name brands. This was theft on a large scale, enabled by breakdown in normal social barriers.
The government is planning to reduce both front and back office police numbers, however these cuts have not taken place yet to any extent. Police numbers are at almost record levels. The police didn't retreat to protect stations, they deployed in the areas that they thought needed protection. However the mobile hordes, enabled by SMS and social networks, just moved to new sites, typically after a short skirmish. In short, asymmetric confrontation and overwhelming numbers. Once the scale of the problem was understood (and a few politicians returned from holiday) they brought in an extra 16000 police for London alone - an increase of approximately 25% on the normal force. This managed to suppress most of the activity.
There are currently reportedly over 1000 people arrested, and the MPS have suggested that possibly another 2000 will be, once the CCTV and other evidence is analysed. This is hardly tiny by anyone's measure.
As for brutal policing, the MPS have been negatively criticised for not being tough enough in the first few days, and they adjusted their tactics subsequently. They have not however used plastic bullets, water cannon, tear gas or any other large scale crowd suppression measures. This is not brutal. If you want to see 'firm' policing, ask the French.
As for fixing problems on the ground, the previous administration spent 10s of billions over more than a decade on enhanced social benefits and programmes for the disadvantaged. While it has doubtless helped many, it has also raised a generation that expects to live off the state, spurn education and employment, contribute nothing in return except vocal occasionally violent protest about how they are not provided enough.

Comment Re:PNG? That photo size is huge. (Score 1) 128

Not only is it a big ass PNG, it's also in AdobeRGB colourspace - so probably about .1% of the readership is actually able to see it correctly. And never mind cutting file size by 75%, try 90 or 95%, and that's without even touching the resolution. The only question is why he didn't go the whole hog with a 32-bit image instead of the paltry 8-bit option. (That last bit was sarcasm, or should I say the last 24 bits were sarcasm.) Leading technology web site, eh? Remind me again of the relevance of slashdot, with stories regularly appearing a day or two days behind other sites, slashvertisements, and little in the way of original content. And I agree with the others, taking advantage of users' good will and giving nothing back is pretty weak.

Comment Re:What kind of stupid question is this? (Score 1) 174

I really hope you're trying to be sarcastic or ironic - otherwise there isn't a clue stick big enough. The 'only way' isn't. There are several. All methods of interception require money, some require legislation and the rest require subterfuge and technical skill.

In this case I imagine it's very simple. The state has a law saying it's legal for certain agencies to intercept calls in order to protect national security. The state's telecoms provider(s) purchase interception equipment from telecoms hardware providers. It gets plugged in and switched on. The state uses it. No conspiracy, no mad l33t skillz, no drama. Except possibly for the subjects/victims of the interception.

For examples of legal intercept equipment, see http://www.google.co.uk/url?sa=t&source=web&cd=7&ved=0CEkQFjAG&url=http%3A%2F%2Fwww.cisco.com%2Fweb%2Fabout%2Fsecurity%2Fintelligence%2FLI-3GPP.html&ei=CWy3Td-NNZS1hAe6_8H3Dg&usg=AFQjCNGEKGTT3PTOMkB172TvxVlkqgMKZg or http://www.scribd.com/doc/49742557/50/Legal-Interception-Gateway-LIG

There is of course the relatively recent case of illegal intercept, in Greece. There it came to light that politicians and other high profile figures had their mobile calls tapped. On investigation, one of the country's mobile providers found that someone had installed, configured and turned on the 'legal intercept' software/hardware to do the tapping. Here's the rub - it wasn't done by the government company or home intelligence service. So who did it and why?

Canadian Judge Orders Disclosure of Anonymous Posters 250

debrain writes "The Globe and Mail is reporting that Google and a newspaper called The Coast must disclose all information they have about the identity of individuals who posted anonymous comments online about top firefighters in Halifax. The story in question is titled 'Black firefighters file human rights complaint,' and there are some heated opinions in the comments."

Man Sues Neighbor Claiming Wi-Fi Made Him Sick 574

OrangeMonkey11 writes "A Santa Fe man who claims to suffer from 'electromagnetic sensitivities' has sued his neighbor after she refused to stop using wireless devices. 59-year-old Arthur Firstenberg claims his sensitivity can be set off by cellphones, routers and other electronic devices. From the article: 'Firstenberg, 59, wanted Raphaela Monribot to limit her use of the devices. "I asked her to work with me," he said. "Basically, she refused." So he sued Monribot in state district court, seeking $530,000 in damages and an injunction to force her to turn off the electronics. "Being the target of this lawsuit has affected me very adversely," Monribot said Friday in response to e-mailed questions. "I feel as if my life and liberty are under attack for no valid reason, and it has forced me to have to defend my very basic human rights."'"

Comment Re:TrueCrypt (Score 1) 51

They have - by mandating that appropriate controls are implemented, including full disk encryption. See http://www.cabinetoffice.gov.uk/spf/sp4_isa.aspx - specifically requirement #40.

Truecrypt is not a product tested and approved by http://www.cesg.gov.uk/ so it can't be used for UK government business. If someone is willing to pony up the accreditation fees, and it passes, then it can be used.

These new UK gov regulations are interesting - they make specific nominated individuals in every government organisation personally responsible for data security - with penalties including fines and prison. Unsurprisingly, data security is now very heavily implemented and monitored.

Comment Re:Should not be a problem... (Score 2, Insightful) 51

All UK government devices storing information classified as RESTRICTED (no US equivalent) must have two factor authentication, and full disk encryption using a FIPS140 certified product from a CESG-approved list. Anything carrying CONFIDENTIAL or SECRET has the same, plus additional techniques and handling protocols to ensure CIA (confidentiality, integrity, assurance). TOP SECRET isn't discussed in open forums.

This is a non story if they are accidental losses. All organisations, including those within and around the intelligence communities, lose assets. The real questions should be (1) was it accidental, (2) if not, who made the effort and (3) are you confident the systems in place will protect the information for long enough until its value decreases below the effort required to recover it.

To be honest, the more pressing issue for ordinary citizens is not governments protecting or losing information about citizens, but private organisations.

Comment Re:Highly sensitive data? (Score 1) 51

This would be the UK that led the development of modern computing with the work of Alan Turing, led the development of the use of computers in industrial and military environments (Bletchley Park) and which dramatically shortened the second world war. This would be the UK that invented public key cryptography before the NSA. This would be the UK which developed working, scalable MIMD parallel processing (transputer) in the early 90s. Then there was the matter of Boole, who did some minor mathematical work. That UK.

PlayStation (Games)

US Air Force Buying Another 2,200 PS3s 144

bleedingpegasus sends word that the US Air Force will be grabbing up 2,200 new PlayStation 3 consoles for research into supercomputing. They already have a cluster made from 336 of the old-style (non-Slim) consoles, which they've used for a variety of purposes, including "processing multiple radar images into higher resolution composite images (known as synthetic aperture radar image formation), high-def video processing, and 'neuromorphic computing.'" According to the Justification Review Document (DOC), "Once the hardware configuration is implemented, software code will be developed in-house for cluster implementation utilizing a Linux-based operating software."

Comment re-order your priorities (Score 1) 1095

Dude,
leave the laptop. You have two weeks in a new country / continent, why sit down with a laptop? If you want to email or blog, there are many internet kiosk / cafe type places.

Seriously, leave it.

Two weeks is too long in London. Give yourself a day to get over jetlag, and 1-2 days to cover the major attractions. Then take the next ten days to travel around, and come back to London to a final sweep of interesting places, and get ready for the flight.

You can grab a train to Paris (France), and spend a day or two there - get another country in. Get a flight to Dublin, Cork or Belfast (45 mins). Yet another country.

Comment Re:Cloud Computing(TM) (Score 2, Insightful) 264

mod parent up.

The first step is to find out what the business wants, and how much it is willing to pay. THEN you go out to find out what tech is appropriate/affordable to do it.

Ask the heads of each office, and the main business managers what they want the tech to do now, in a year and in three years. Do you have a business continuity plan that has to be allowed for? If you don't have a BC plan, now's a good time to have one done, before you buy a load of kit that may not do the job.

Once you have a list of business needs, and put them in a prioritised list (again the managers set the priority), you go out and look at what can do the job. Assuming you find a reasonable solution within budget, you need to plan the migration.

Protip: do not attempt to migrate everything in one go. Do it in steps, with breaks in between.

Proprotip: whatever your migration, be able to revert to the original solution in less than 8 hours - ie one working day.

Migration is the biggest gotcha - plan, plan and plan again. Do a dry run. Start with the least critical services. You do have backups, right? Fully tested backups, from ground zero? You do have all your network and infrastructure accurately and completely mapped out, and all configuration settings / files stored on paper and independent machines?

Both arguments for VM and KISS have their place - only you can decide. But when you do decide, make sure it's based on evidence, and will end up making the business better.

Don't forget Total Cost of Ownership - the shiny boxes may run faster, but will you have to hire two more techs to keep them running, or a new maintenance contract?

Don't forget training - for you, your staff and the end users. If you're putting shiny newness in place, people will need to know how to use it, and do their jobs at least as quickly as on the old solution. No use putting in shiny web4.0 uber cloud goodness, if the users end up spending an hour doing a job that used to take 5 minutes, because they don't know how to use it properly, or the interface doesn't easily work with their business processes.

good luck

Comment show them the money (Score 1) 301

"Executives" are interested in money - what earns money for the company, what costs money for the company, what can increase future money for the company, what prevents increasing future money for the company.

Think about the main things you are doing, or plan to do over the next week, month, quarter, year. Which of the four results (earn, cost, increase, decrease) do those things do? Can you mitigate (reduce) the negatives? Can you improve the positives? What are the costs (time, money, resources)? What are the impacts/benefits (save or increase time, money, resources)?

Here's a couple of examples:
"Our mail system is aging and is struggling with the current load. I estimate it causes up to two hours delay per employee per month. I plan to increase the memory and disk space. It will cost $x hundred, and take 3 days to implement. The benefit will be the increase in productivity and delay the need to buy an entire new server for two more years."

"Our finance dept is struggling to keep up with the number of invoices that need to be processed. With the CFO I am evaluating three new systems which can help automate the process. The cost of the system is $x in capital expenditure, and then $y in annual licence fees. The CFO estimates that it will reduce the time to invoice clients from 10 days to four days, and increase cash flow for the company."

So, think in terms of money. Think what business problems or opportunities that IT makes better (or worse). State the problem or opportunity, what you are doing / want to do, say what the impact of your proposal is / will be.

Stick to this basic formula, and you'll soon be seen as someone who brings answers and adds value, instead of the stereotypical geek who complains, costs money and does little of value.

Google

Google Chrome For Linux Goes 64-bit 168

Noam.of.Doom writes "The Google Chrome developers announced on August 19th the immediate availability of a new version of the Google Chrome web browser for Linux, Windows and Macintosh operating systems. Google Chrome 4.0.202.2 is here to fix a lot of annoying bugs (see below for details) and it also adds a couple of features only for the Mac platform. However, the good news is that Dean McNamee, one of the Google Chrome engineers, announced yesterday on their mailing list that a working port of the Chrome browser for 64-bit platforms is now available: 'The v8 team did some amazing work this quarter building a working 64-bit port. After a handful of changes on the Chromium side, I've had Chromium Linux building on 64-bit for the last few weeks. I believe mmoss or tony is going to get a buildbot running, and working on packaging.' Until today, Google Chrome was available on both 32- and 64-bit architectures, but it appears that the latter was running based on the 32-bit libraries. Therefore, starting with Google Chrome 4.0.202.2, 64-bit users can enjoy a true x64 version!"
